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REMARKS/ARGUMENTS 

Claim Amendments 

The Applicant has not amended the claims. Applicant respectfully submits no 
new matter has been added. Accordingly, claims 8-14 are pending in the application. 
Favorable reconsideration of the application is respectfully requested in view of the 
foregoing amendments and the following remarks. 

Claim Rejections - 35 U.S.C. § 103 (a) 

Claims 8-14 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Ylonen et al (US 6,438,612 B1 hereinafter Ylonen) and further in view of Moles, et al. 
(US 6725,056 B1 hereinafter Moles). The Applicant respectfully traverses the rejection 
of these claims. 

The Applicant's invention discloses a device and method for facilitating the 
management of IP packets that are associated with a Security Association. There are 
three components including an IP forwarder for determining the destination of the 
packets, a plurality of security procedure modules for receiving the IP packets and a 
security controller for allocating negotiated SAs among the modules. The SC also 
notifies the security procedure modules and the IP forwarder of the allocation. 

The Ylonen reference appears to disclose a method for identifying virtual 
networks and virtual routers during secure tunneling through a network. A separate 
security association is used to send packets to each virtual router at a physical 
computing device identified by the network address. A negotiation takes place between 
two virtual routers in the network and a security association is established that identifies 
the transmitting and receiving virtual routers. Essentially Ylonen is including virtual 
addresses in the security association for ease of routing data packets between virtual 
routers. 

The Moles reference appears to disclose a provisioning system in a wireless 
network. The system prevents any un-provisioned mobile station from accessing the 
wireless network and accessing the Internet via a data call to a base station. A 
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controller is utilized to transmit provisioning retrieved from a provisioning server 
associated with an associated IP data network. (Abstract) 

The Applicant's invention discloses a device and method for processing IPsec 
data packets at an intermediate networking device, in this case a router. The basic 
concept Is to provide a mechanism for handling multiple security associations {SAs) in 
parallel without extensive modifications. A security controller (SC) module is disclosed 
for distributing IPsec policies to a plurality of Security Process (SecProc) modules. 
When new SAs are created the SC determines the SecProc modules for placing the 
new SAs. And the SC module installs IP filters into IP forwarder (IPFW) modules. 

The IPFW modules determine where each packet is sent inside the system 
through filters installed in the IPFW by the SC. The filters match "selectors" in the 
packets according to the IPsec policy that is deployed. The filter points to the security 
processor that handles the IPsec processing for a packet (Page 5, first and second 
paragraph). 

The Ylonen reference was cited for teaching 1) at least one IP forwarder, 2) a 
plurality of security procedure modules and 3) a security controller; all three features 
claimed in claim 8. For example, Applicants claim 8 combination recites the use of a 
security controller to allocate negotiated SAs among security procedure modules. The 
plurality of security modules is coupled to at least one IP forwarder that receives IP 
packets and determines and forwards a packet to the IP packet destination. These 
elements are neither taught nor suggested by the Ylonen reference. 

In the Official Action, a correspondence is drawn between these claimed features 
and the description in the Ylonen reference of 1) negotiation between a transmitting and 
a receiving device; 2) an individual IPSec processor for each virtual router and an 
alternative embodiment that disclosed a plurality of IPSed processors for one virtual 
router and 3) functions that are performed by an automatic key manager and an IPSec 
block that communicates with a security policy database. The Applicant respectfully 
asserts that the above features drawn from the Ylonen reference do not disclose the 
features claimed in Applicant's claim 8. 
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The Moles reference is cited for disclosing a security controller that, among other 
functions provides storage space for incoming IP packet data field and outgoing IP 
packet data field. However, Applicant has reviewed this cited portion of Moles and finds 
no reference to a security controller, as in the Applicant's invention, that allocates 
negotiated SAs among Security procedure modules and notifies both the IPFWs and 
the security procedure modules. 

It is respectfully submitted that Moles does not address the above-identified 
deficiencies of Ylonen with respect to Applicant's invention. The combination of the 
Ylonen and Moles references fails to teach utilizing a security controller that allocates 
negotiated SAs among a plurality of security procedure modules and notifies the 
security procedure modules and the IPFWs involved of the allocation. Nor does the 
combination disclose the at least one IPFW nor the plurality of security procedure 
modules. 

The Applicant respectfully asserts that claim 8 contains limitations not found in 
either Ylonen or Moles. Claim 14 is analogous to claim 8 and contains similar 
limitations. Claims 9-13 depend from claim 8 and contain the same novel limitations 
found in claim 8. The Applicant respectfully requests the withdrawal of the rejection of 
these claims. 

Prior Art Not Relied Upon 

In paragraph 3 on page 5 of the Office Action, the Examiner stated that the prior 
art made of record and not relied upon is considered pertinent to the Applicant's 
disclosure. 
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CONCLUSION 

In view of the foregoing remarks, the Applicant believes all of the claims currently 
pending in the Application to be in a condition for allowance. The Applicant, therefore, 
respectfully requests that the Examiner withdraw all rejections and issue a Notice of 
Allowance for all pending claims. 

The Applicant requests a telephonic interview if the Examiner has any questions 
or requires any additional information that would further or expedite the prosecution of 
the Application. 
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